Philanthropy and Giving Insights





5 Reasons You Should Review the Safety and Security of Your Donor Information


For many nonprofits, the trust they build with donors is one of their most important assets. Donors give to causes they believe in—they want to know that their money is being used well and going to the right place. This led to many of the processes in place in nonprofits today, like financial audits, annual reports, and other forms of transparency. But there’s another concern—getting hacked. There are plenty of reasons to be worried about the safety of your donor information, but here’s five that may be on your mind.

 

  1. It seems like data breaches happen every day.

The constant stream of media reports about data breaches can be exhausting and frightening. Many of the most trusted companies have experienced significant data breaches that revealed sensitive information—like the infamous Equifax breach. Unfortunately, data breaches are becoming increasingly regular.

Nearly 20 major businesses reported significant data breaches since January 2017—including large retailers and companies like Macy’s, Marriott, and Equifax.


While cybersecurity technology is racing to catch up and protect personal information, it is important to understand the risks and how you can keep your donors’ information safe.

 

  1. If we get hacked, our donations might plummet.
  2.  

    Because trust is so important in donor relationships, a significant data breach could devastate rapport that took a long time

    to build. And while a data breach can do that damage overnight, rebuilding after that kind of catastrophe can take years.

    According to the Case Foundation, “90% of consumers age 20-35 recently told The Millennial Impact Project that they would stop giving to a nonprofit altogether ‘if they did not trust the organization.’”

    Keeping your donors’ information safe is an investment, but one that is worth pursuing.

     

    1. What if we get hacked and then penalized?

    As data breaches become more frequent, the legal procedures surrounding them are constantly evolving. While there is no significant universal federal standard regarding penalties or liability, each state has differing laws about what party is liable in the event of a breach. There are requirements about notifying the affected parties, as well—and failing to understand these laws could leave your organization legally vulnerable.

     

    1. There’s so many places we collect payment information.

     

    A volunteer swipes a credit card at an event. A donor clicks through a link in an email to contribute. A call center employee takes down the donor’s card number.


    For most nonprofits, there are multiple ways and venues where donor information is collected and stored—which means multiple points of entry for hackers. It’s important to understand all the areas you might need to watch out for, and who you are trusting with sensitive information.

     

    1. I know we could pursue PCI compliance, but I don’t have the time to figure it out.

    As credit card payments have been adopted more widely, some security standards have been established. The Payment Card Industry Data Security Standard (PCI DSS, or PCI for short) was created in 2006 to normalize security practices around credit card use. All businesses and organizations who accept payment through credit cards are required to follow these standards, regardless of size or tax status. PCI compliance is enforced by the credit card companies themselves, leaving your organization in a vulnerable position if you are found to have revealed sensitive payment information that cost those companies money.

     

    Thinking through all the reasons you should be concerned about the safety of your donor information can be overwhelming, but there is good news! There are solutions that can help keep your donors’ information secure without adding a burden to your staff or significantly increasing your budget. Products like OneClick Donations® from Charity Giving leverage secure technology through mobile links texted straight to your donor’s phone, cutting down on donation drop off rates and ensuring that their information is safe! And, it can automate acknowledgements and receipts with minimal processing fees.


    Find out how you can keep your donor information secure, streamline donation processing, and update the look of your online forms with OneClick Donations® by visiting CharityGiving.